from the a-new-low-in-sensitivity-training dept

FBI. DEA. NSA. CIA. DHS. TSA. All these acronyms (and more) participate in activities that can (and do) have negative effects on Americans' civil liberties. But that's OK, says the government, because we have oversight. This assertion just simply isn't true. The Snowden leaks proved what oversight existed was beholden to the NSA and frequently put itself between the agency and legislators on the outside of the inner circle in order to keep its secrets protected.

Elsewhere, the entities charged with providing oversight for government agencies -- the various Inspector General's offices -- were finding themselves unable to pursue their duties because the agencies they watched refused to cooperate with their investigations. Michael Horowitz, the DOJ Inspector General, frequently expressed his displeasure with the DEA and FBI, both of which refused to provide him with the documents he was seeking.

Over at the CIA, Inspector General David Buckley performed his investigation of the alleged hacking of Senate staffers' computers. He found the allegations to be true. The CIA responded by discrediting his report and performing its own internal audit, which naturally found the agency to be blameless and the Senate at fault for supposedly abusing its access to CIA documents. Buckley retired. The CIA has yet to replace him.

As if things couldn't get any worse, the Office of Legal Counsel decided the best route for effective oversight was to hand over control to the agencies being overseen. On July 20th, it issued a decision that said Inspectors General needed to seek permission from the agencies under their purview for access to sensitive documents. If the agencies turned them down, too bad. They'd just have to do without.

The IGs -- representing 72 government agencies -- have sent a letter to Congress asking them to overturn the OLC's decision. (via Unredacted)

Despite the unequivocal language of Section 6(a) of the IG Act, the OLC opinion concludes that it does not entitle the DOJ-IG to obtain independent access to grand jury, wiretap, and credit information in the DOJ’s possession that is necessary for the DOJ-IG to perform its work. Indeed, the OLC opinion concludes that such records cannot be obtained by the DOJ-IG pursuant to the IG Act, and can only be obtained in certain – but not all – circumstances through provisions in the specific laws related to those records. Further, the opinion provides that only the Department of Justice itself decides whether access by the DOJ-IG is warranted – placing the agency that the DOJ-IG oversees in the position of deciding whether to grant the Inspector General access to information necessary to conduct effective and independent oversight. Requiring an Inspector General to obtain permission from agency staff in order to access agency information turns the principle of independent oversight that is enshrined in the IG Act on its head.

The OLC opinion’s restrictive reading of the IG Act represents a potentially serious challenge to the authority of every Inspector General and our collective ability to conduct our work thoroughly, independently, and in a timely manner. Our concern is that, as a result of the OLC opinion, agencies other than DOJ may likewise withhold crucial records from their Inspectors General, adversely impacting their work. Even absent this opinion, agencies such as the Peace Corps and the U.S. Chemical Safety and Hazard Investigation Board (CSB) have restricted or denied their OIGs access to agency records on claims of common law privileges or assertions that other laws prohibit access. Similarly, the Department of Commerce denied its Inspector General (Commerce-IG) access to agency records that were needed for the Commerce-IG to complete an audit of agency operations because agency counsel had concluded, based on guidance that agency counsel said came from OLC, that it might be a violation of another federal statute to make the records available to its Inspector General. As a result, the Commerce-IG could not complete its audit.

In other words, things were already bad. Now, they're impossible. These agencies were already doing everything they could to thwart their oversight. Now, the OLC has given them permission to stonewall every single investigation that requires the access to "sensitive" agency documents -- which would be a great majority of them.

The letter goes on to point out that the OLC's decision creates a smokescreen that will have serious repercussions for years to come.

Without timely and unfettered access to all necessary information, Inspectors General cannot ensure that all government programs and operations are subject to exacting and independent scrutiny. Refusing, restricting, or delaying an Inspector General's independent access may lead to incomplete, inaccurate, or significantly delayed findings and recommendations, which in turn may prevent the agency from promptly correcting serious problems and pursuing recoveries that benefit taxpayers, and deprive Congress of timely information regarding the agency's activities. It also may impede or otherwise inhibit investigations and prosecutions related to agency programs and operations.

The OLC's decision is astounding, and should be undone as swiftly as possible. There's a lot of room for abuse in many agencies, and one of the only things acting as a check against this are the IGs. The assurances that there is sufficient oversight are hollow. There was very little oversight to begin with. With this determination in place, there's almost none. The denied access can likely be challenged, but time is often of the essence, and weeks or months of discussion over the release of documents can put a lot of space between badly-behaving agencies and whatever scandal they're attempting to ride out.

The OLC had decided government agencies shouldn't be accountable to the public, and its excuse is "security." It's being left up to agencies to decide what information is too "sensitive" to share with their overseers. And it will be evidence of screwups, quasi-legal activities and other abuses of power that receive this label first.

The Department of Veterans Affairs' in-house watchdog has demanded that the Project On Government Oversight turn over all information it has collected related to abuses and mismanagement at VA medical facilities, according to a subpoena delivered to POGO May 30.

The subpoena from the VA Office of Inspector General demands all records POGO has received from current or former VA employees, as well as any other individuals, including veterans. The subpoena asks for records related to "wait times, access to care, and/or patient scheduling issues at the Phoenix, Arizona VA Healthcare System and any other VA medical facility."

While on one hand, the information the IG is seeking is exactly the sort of data it needs to complete its investigation, the larger issue is the subpoena's potential to undermine the confidentiality promised to whistleblowers who submitted documents through POGO's VAOversight.org website. Nearly 700 people have turned over information to POGO's secure dropbox since the site's launch in early May. POGO advised submitters to take steps to maintain their anonymity when submitting (using TOR, not submitting docs from work phones, computers or fax machines, etc.) and all submissions were sent as encrypted messages.

Now, with a simple administrative subpoena -- one that isn't even signed by a judge -- all of this protection is being removed. Anyone who failed to take preventative measures, or might be traced back via other means, can now be exposed by the IG's efforts.

The current administration talks a lot about transparency and the importance of whistleblowers in keeping the government in line, but its actions have completely contradicted its spoken assurances. This administration has prosecuted more whistleblowers than all other administrations combined. Those who may be swept up by the IG's investigation include many who tried to alert the government of the VA's problems through proper channels, but turned to a third party when their grievances went unanswered.

Our unwillingness to comply with the subpoena is consistent with our long history of protecting sources who come to our organization. POGO has consistently refused to turn over information and/or records about our sources, investigations, and practices when government agencies, Congress, and parties in civil and administrative cases made such requests, including requests made pursuant to a subpoena. POGO has always taken the position that the First Amendment protects POGO's right to protect the whistleblowers, sources, and insiders who come to us with information or assist in POGO’s investigations.

The letter further points out that there's little reason to believe that the Inspector General doesn't already have access to the sort of information its seeking.

The IG's office has provided no basis to suggest that the information possessed by POGO as a result of its investigation of the VA is not already available to the IG, including through the VA IG "hotline." Accordingly, the administrative subpoena is little more than an invasive fishing expedition.

Edward Snowden, along with many others, has said that the best tool right now to defeat the NSA and other government spying is the use of encryption. It is possible that some forms of encryption are not breakable by the NSA. It is likely that breaking other forms of encryption is slow and/or expensive to do on a world wide web-scale. It is a race of course, between how many supercomputing algorithms the NSA can throw at the problem and the cleverness of the people creating new forms of better encryption.

If the government can access documents and information with a simple piece of paper– a subpoena– then all the encryption in the world is pointless.

This is part of the government's interpretation of the Third Party Doctrine, one that has made the Fourth Amendment almost completely useless.

DOJ has turned all that around. It claims now that under the Fourth Amendment, it can subpoena an Internet company such as Facebook and demand they look for and turn over all the records they have about Mr. Anderson. DOJ isn’t searching, per se– they are demanding Facebook do that for them, so no warrant is needed. Worse yet, DOJ believes it can subpoena multiple records, maybe all the records something like Facebook has, with one piece of paper. The same thing applies, DOJ claims, to email. If they came to someone’s home and demanded access to that person’s emails, it would require a specific search warrant. Instead, if DOJ issues a subpoena to say Google, they can potentially vacuum up every Gmail message ever sent.

So, while encryption may stymie the interception of communications, it doesn't do much good when the government arrives with a piece of paper asking for the unencrypted end result of these communications, especially one that is self-issued by the Inspector General with no additional legal scrutiny. POGO encrypted submissions but the IG's subpoena asks for everything its collected in unencrypted form ("fully legible and complete copies of the records"). The assurances given to anonymous whistleblowers by POGO are as meaningless as the assurances given to users of Lavabit's encrypted email service. The government doesn't mind much if you encrypt the "middle," because it can always just ask for stuff at either end.

from the good-for-him dept

We've noted recently that police and the courts have been regularly abusing wiretap laws to arrest people who are videotaping or recording police, claiming that they're violating two-party consent laws. The most famous case, of course, is the motorcycle rider with a helmet cam, who is facing jailtime for recording an off-duty, ununiformed police officer who jumped out of his car with his gun drawn. These situations are clearly not what such laws are designed to protect. Instead, it appears that the police are using them to intimidate and block people from legally recording police activity in public places.